FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article explains how to keep a WiFi network on the same subnet as LAN or desired VLAN network. This is important as a FortiGate unit requires each network interface to have a single unique network segment. 

To create the bridged WiFi and wired LAN configuration, it is necessary to configure the SSID with the local bridge option so that traffic is sent directly over the FortiAP unit’s Ethernet interface to the FortiGate unit, instead of being tunneled to the WiFi controller.

1.) Navigate to WiFi Controller > WiFi Network > SSID and select Create New.

2.) Give a name then select the traffic mode as “Local bridge with FortiAP’s Interface”, configure the SSID and passphrase.

 (If its required to have the WiFi network on same subnet of VLAN network which is configured in FortiGate then enter the VLAN ID , by default VLAN ID is 0).

3.) Navigate to WiFi Controller > FortiAP profiles > edit  the FortiAP profile applied to AP then select the bridge SSID

Configure the bridge SSID from CLI commands.

This example creates a WiFi interface “Corporate_WiFi” with SSID “Office_WiFi” using WPA-Personal security, passphrase “Fortinet1”.

config wireless-controller vap
edit Corporate_WiFi
set vdom "root"
set ssid "Office_WiFi"
set local-bridging enable
set passphrase Fortinet1
set vlanid     }--- optional if required to have WiFi on VLAN subnet

config  wireless-controller wtp-profile
edit FAP221C-default
config radio-1
set vaps Corporate_WiFi
config radio-2
set vaps Corporate_WiFi
If the DHCP server configured on LAN interface then WLAN clients gets an IP from the LAN DHCP lease scope on the FortiGate. If there is a DHCP server it not necessary to create a DHCP relay since the WLAN and LAN fall under bridge interface.